From: Peter Maydell
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: patches@linaro.org
Date: Tue, 2 Oct 2018 17:35:52 +0100
Message-Id: <20181002163556.10279-10-peter.maydell@linaro.org>
In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org>
Subject: [Qemu-devel] [PATCH 09/13] target/arm: Add v8M stack checks for Thumb2 LDM/STM

Add the v8M stack checks for:
 * LDM (T2 encoding)
 * STM (T2 encoding)

This includes the 32-bit encodings of the instructions listed
in v8M ARM ARM rule R_YVWT as
 * LDM, LDMIA, LDMFD
 * LDMDB, LDMEA
 * POP (multiple registers)
 * PUSH (multiple registers)
 * STM, STMIA, STMEA
 * STMDB, STMFD

We perform the stack limit before doing any other part
of the load or store.

Signed-off-by: Peter Maydell
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
---
 target/arm/translate.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/target/arm/translate.c b/target/arm/translate.c index c16d6075d94..3fb378a492d 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c @@ -10524,6 +10524,7 @@ static void disas_thumb2_insn(DisasContext *s, uint= 32_t insn) } else { int i, loaded_base =3D 0; TCGv_i32 loaded_var; + bool wback =3D extract32(insn, 21, 1); /* Load/store multiple. */ addr =3D load_reg(s, rn); offset =3D 0; 
@@ -10531,10 +10532,26 @@ static void disas_thumb2_insn(DisasContext *s, ui= nt32_t insn) if (insn & (1 << i)) offset +=3D 4; } + if (insn & (1 << 24)) { tcg_gen_addi_i32(addr, addr, -offset); } =20 + if (s->v8m_stackcheck && rn =3D=3D 13 && wback) { + /* + * If the writeback is incrementing SP rather than + * decrementing it, and the initial SP is below the + * stack limit but the final written-back SP would + * be above, then then we must not perform any memory + * accesses, but it is IMPDEF whether we generate + * an exception. We choose to do so in this case. + * At this point 'addr' is the lowest address, so + * either the original SP (if incrementing) or our + * final SP (if decrementing), so that's what we check. + */ + gen_helper_v8m_stackcheck(cpu_env, addr); + } + loaded_var =3D NULL; for (i =3D 0; i < 16; i++) { if ((insn & (1 << i)) =3D=3D 0) @@ -10562,7 +10579,7 @@ static void disas_thumb2_insn(DisasContext *s, uint= 32_t insn) if (loaded_base) { store_reg(s, rn, loaded_var); } - if (insn & (1 << 21)) { + if (wback) { /* Base register writeback. */ if (insn & (1 << 24)) { tcg_gen_addi_i32(addr, addr, -offset); --=20 2.19.0
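
Review bot: In the hunk at @@ -10531,10 +10532,26 @@, the new comment above gen_helper_v8m_stackcheck() has a duplicated word ("then then we must not perform any memory accesses"); drop one "then". The comment also covers only the incrementing-SP IMPDEF case and does not say why the check is gated on wback. If forms with rn == 13 and no writeback are meant to go unchecked, one sentence stating that would make the condition "s->v8m_stackcheck && rn == 13 && wback" easier to audit against rule R_YVWT.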
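
Review bot: In the hunk at @@ -10562,7 +10579,7 @@, the writeback test now uses the named wback flag, but the direction bit next to it is still open-coded as "insn & (1 << 24)", both here and before the stack check. Since the stack-check comment's reasoning about 'addr' being the lowest address depends on that bit, consider extracting it into a named bool alongside wback (same extract32() style) so both decode fields read consistently.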